Windows XP Rejecting Digital Signature

0
votes

I don't want to see unsigned driver warnings while installing a driver, so I'm trying to digitally sign a driver using signtool, inf2cat, and a Software Publishing Certificate. Vista x64 requires the drivers to be digitally signed or it flat out rejects them, but I have managed to get Vista x64 to accept the driver, so I know I'm doing the process correctly.

However, I repeat the process for the Windows XP x86 driver. inf2cat and signtool both return successful results, signtool verifies the digital signatures, right-click -> properties on the file verifies the digital signature too.

However, when I go to load the driver in Windows XP, it still prompts me with an unsigned driver warning. Why does XP consider the file unsigned, but Vista does not?

1
windows-xpdigital-signature
You might try searching on serverfault.com to see if there's anything useful there. Your certificate is official, from a certificate authority I presume?Jon Onstott
Yup, cross-certified and everything, pfx'd, etc. Like I said, I can make this work in Vista x64 (and x86!), and the same exact process does not work for Windows XP.ajs410

1 Answers

2
votes

The only drivers Windows XP would assume as signed are drivers signed by WHQL. Microsoft has loosened up their policy starting Windows Vista, but in Windows XP, the WHQL process is the only way to go.